From a7d48a8348e8238f122689eabdcf0b7b50c88626 Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic Date: Fri, 13 Dec 2024 14:19:32 +0000 Subject: [PATCH] Removes alert suppression line from RN and highlights --- docs/release-notes/8.17.asciidoc | 1 - docs/whats-new.asciidoc | 10 +--------- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/docs/release-notes/8.17.asciidoc b/docs/release-notes/8.17.asciidoc index ed03b7b20d..0dc2ba58fc 100644 --- a/docs/release-notes/8.17.asciidoc +++ b/docs/release-notes/8.17.asciidoc @@ -92,7 +92,6 @@ On November 12, 2024, it was discovered that manually running a custom query rul [[features-8.17.0]] ==== New features * Adds a signature option for trusted applications on macOS ({kibana-pull}197821[#197821]). -* Allows you to use alert suppression on EQL sequence alerts ({kibana-pull}189725[#189725]). * Adds GA support for the case action feature, which lets rules automatically create cases ({kibana-pull}196973[#196973]). [discrete] diff --git a/docs/whats-new.asciidoc b/docs/whats-new.asciidoc index 13bde6a9ab..ed1bc53f7f 100644 --- a/docs/whats-new.asciidoc +++ b/docs/whats-new.asciidoc 
@@ -11,20 +11,12 @@ Other versions: {security-guide-all}/8.16/whats-new.html[8.16] | {security-guide // tag::notable-highlights[] [float] -== Detection rules and alerts enhancements - -[float] -=== Logsdb index mode with detection rules and alerts +== Logsdb index mode with detection rules and alerts The {ref}/logs-data-stream.html[logsdb index mode] allows you to store log data more efficiently. If you're considering using it, refer to {security-guide}/detections-logsdb-index-mode-impact.html[Using logsdb index mode with {elastic-sec}] to learn how it can impact your rules and alerts. NOTE: To use the {ref}/mapping-source-field.html#synthetic-source[synthetic `_source`] feature, you must have the appropriate subscription. Refer to the subscription page for https://www.elastic.co/subscriptions/cloud[{ecloud}] and {subscriptions}[{stack}/self-managed] for the breakdown of available features and their associated subscription tiers. -[float] -=== Suppress alerts for EQL sequence rules - -{security-guide}/alert-suppression.html[Alert suppression] now supports the EQL sequence rule type. You can use it to reduce the number of repeated or duplicate detection alerts generated from EQL sequence rules. - [float] == Signature option available for macOS trusted applications conditions
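Review bot: in the docs/release-notes/8.17.asciidoc hunk (@@ -92,7 +92,6 @@), the "Allows you to use alert suppression on EQL sequence alerts" bullet is dropped from the 8.17.0 New features list with no reason recorded; the subject line says only what is removed. Add a sentence to the commit body stating why the entry is being pulled, so that someone tuning EQL sequence rules from these notes can tell whether suppression is available in this release. It is also worth confirming that no other 8.17 page still presents {kibana-pull}189725[#189725] as a shipped feature.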
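Review bot: in the docs/whats-new.asciidoc hunk (@@ -11,20 +11,12 @@), deleting the "== Detection rules and alerts enhancements" heading and the "=== Suppress alerts for EQL sequence rules" section removes two headings from the notable-highlights tagged region, so any cross-reference to either section would now point at nothing. Please check for links to those sections before merging. The promotion of "Logsdb index mode with detection rules and alerts" from === to == relies on the unchanged [float] context line above it; confirm in a local build that it renders at the same level as "== Signature option available for macOS trusted applications conditions".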